"Too many DNS lookups" is a permerror related to the SPF (Sender Policy Framework) record for a domain. SPF records specify which mail servers are authorized to send email on behalf of your domain. When an email is received, the receiving mail server checks the SPF record by performing DNS lookups to verify the authorized sending servers.
The SPF specification limits the number of DNS lookups to a maximum of 10 per SPF check. This limit is in place to prevent abuse and reduce the risk of DNS-based attacks. If the SPF record and its included mechanisms exceed this limit, the SPF check will fail, often resulting in emails being marked as spam or rejected.
Most Common Causes of "Too Many DNS Lookups"
- Multiple Include Statements: Using several include statements in your SPF record can quickly add up to more than 10 DNS lookups.
- Unnecessary Include Statements: Having includes that are no longer being used to send out emails takes extra lookup space, so removing them is the best way to reduce SPF lookups.
- Having Incorrect Mechanisms: The ptr mechanism, it’s a type of DNS record that correlates an IP address with a domain or hostname. The SPF specification does not suggest using the “ptr” mechanism in the SPF record because it can result in a large number of DNS lookups, exceeding the limit of 10.
How to Resolve "Too Many DNS Lookups"
- Simplify the SPF record: Remove unnecessary mechanisms and includes. Ensure only essential mail servers are included.
- Use an SPF Flattening Service: You can use our EasySPF feature, which is a dynamic platform that flattens the includes into IP addresses so this way you will avoid exceeding the 10 DNS lookup limitation.
- Regularly Monitor and Update SPF Records: Keep your SPF records up to date and regularly check for any unnecessary entries.
By managing and optimizing your SPF record, you can avoid exceeding the 10 DNS lookup limit and ensure your emails are properly authenticated.